Remove no longer necessary cosign config

.github/workflows/pipeline.yml

@@ -214,13 +214,7 @@ jobs:
           image_name: ${{ env.IMAGE_NAME }}:${{ github.sha }}
 
       - name: Sign the published Docker image
-        env:
-          COSIGN_EXPERIMENTAL: "true"
-        # This step uses the identity token to provision an ephemeral certificate
-        # against the sigstore community Fulcio instance.
         run: cosign sign --yes ghcr.io/${{ env.IMAGE_NAME }}:${{ github.sha }}
 
       - name: Attest the vulnerability scan
-        env:
-          COSIGN_EXPERIMENTAL: "true"
         run: cosign attest --yes --replace --predicate vulnerabilities.json --type vuln ghcr.io/${{ env.IMAGE_NAME }}:${{ github.sha }}